resolutionflow/backend/alembic/versions/023_add_session_sharing.py

"""add session sharing tables

Revision ID: 023
Revises: 022
Create Date: 2026-02-07

Adds session sharing infrastructure:
- session_shares: Share tokens with visibility control (public/account-only)
- session_share_views: Detailed view tracking with viewer identification
- accounts.allow_public_shares: Account-level policy for public share creation

Includes SaaS consultant-recommended denormalizations:
- account_id on session_shares (faster access control, survives user transfers)
- session_id on session_share_views (faster analytics queries)
"""
from typing import Sequence, Union

from alembic import op
import sqlalchemy as sa
from sqlalchemy.dialects.postgresql import UUID


# revision identifiers, used by Alembic.
revision: str = '023'
down_revision: Union[str, None] = '022'
branch_labels: Union[str, Sequence[str], None] = None
depends_on: Union[str, Sequence[str], None] = None


def upgrade() -> None:
    # Create session_shares table
    op.create_table(
        'session_shares',
        sa.Column('id', UUID(as_uuid=True), primary_key=True, server_default=sa.text('gen_random_uuid()')),
        sa.Column('session_id', UUID(as_uuid=True), nullable=False),
        sa.Column('account_id', UUID(as_uuid=True), nullable=False),
        sa.Column('share_token', sa.String(64), nullable=False, unique=True),
        sa.Column('share_name', sa.String(100), nullable=True),
        sa.Column('visibility', sa.String(20), nullable=False, server_default='public'),
        sa.Column('created_by', UUID(as_uuid=True), nullable=False),
        sa.Column('created_at', sa.DateTime(timezone=True), nullable=False, server_default=sa.text('now()')),
        sa.Column('updated_at', sa.DateTime(timezone=True), nullable=False, server_default=sa.text('now()')),
        sa.Column('expires_at', sa.DateTime(timezone=True), nullable=True),
        sa.Column('view_count', sa.Integer, nullable=False, server_default='0'),
        sa.Column('last_viewed_at', sa.DateTime(timezone=True), nullable=True),
        sa.Column('is_active', sa.Boolean, nullable=False, server_default='true'),
        sa.ForeignKeyConstraint(['session_id'], ['sessions.id'], ondelete='CASCADE'),
        sa.ForeignKeyConstraint(['account_id'], ['accounts.id'], ondelete='CASCADE'),
        sa.ForeignKeyConstraint(['created_by'], ['users.id'], ondelete='CASCADE'),
        sa.CheckConstraint("visibility IN ('public', 'account')", name='ck_session_shares_visibility')
    )

    # Create indexes for session_shares
    op.create_index('ix_session_shares_session_id', 'session_shares', ['session_id'])
    op.create_index('ix_session_shares_account_id', 'session_shares', ['account_id'])
    op.create_index('ix_session_shares_share_token', 'session_shares', ['share_token'])
    op.create_index('ix_session_shares_created_by', 'session_shares', ['created_by'])
    op.create_index('ix_session_shares_expires_at', 'session_shares', ['expires_at'])
    op.create_index('ix_session_shares_is_active', 'session_shares', ['is_active'])

    # Create session_share_views table
    op.create_table(
        'session_share_views',
        sa.Column('id', UUID(as_uuid=True), primary_key=True, server_default=sa.text('gen_random_uuid()')),
        sa.Column('share_id', UUID(as_uuid=True), nullable=False),
        sa.Column('session_id', UUID(as_uuid=True), nullable=False),
        sa.Column('viewer_id', UUID(as_uuid=True), nullable=True),
        sa.Column('viewed_at', sa.DateTime(timezone=True), nullable=False, server_default=sa.text('now()')),
        sa.Column('viewer_ip', sa.String(45), nullable=True),
        sa.Column('viewer_user_agent', sa.String(500), nullable=True),
        sa.ForeignKeyConstraint(['share_id'], ['session_shares.id'], ondelete='CASCADE'),
        sa.ForeignKeyConstraint(['session_id'], ['sessions.id'], ondelete='CASCADE'),
        sa.ForeignKeyConstraint(['viewer_id'], ['users.id'], ondelete='SET NULL')
    )

    # Create indexes for session_share_views
    op.create_index('ix_session_share_views_share_id', 'session_share_views', ['share_id'])
    op.create_index('ix_session_share_views_session_id', 'session_share_views', ['session_id'])
    op.create_index('ix_session_share_views_viewer_id', 'session_share_views', ['viewer_id'])
    op.create_index('ix_session_share_views_viewed_at', 'session_share_views', ['viewed_at'])

    # Add account policy for public shares
    op.add_column('accounts', sa.Column('allow_public_shares', sa.Boolean, nullable=False, server_default='true'))


def downgrade() -> None:
    op.drop_column('accounts', 'allow_public_shares')
    op.drop_table('session_share_views')
    op.drop_table('session_shares')